DEV Community

Rodrigo Fernandes

Bastion Host

Notes on the Bastion Host to help with preparation for the AWS certifications.

So far the notes cover the certifications below:



General notes

  • The instance is always in the public subnet

SSH Agent Forwarding

Official documentation

  • Copy the public key to the instances that will be accessed

Step 1: Create Public/Private Key in Remote Client EC2

ssh-keygen

Step 2: Setup Authentication

  • Copy the contents of the public key from remote-client to the
~/.ssh/authorized_keys file of both the Bastion and the Private EC2.

Step 3: Use SSH Agent Forwarding

  • Run the following commands on the remote-client EC2 instance


Step 4: Test the Setup

  • From remote-client EC2, run the following command:
ssh -A [BASTION-EC2-IP]
  • Once you are logged into Bastion, try to connect to Private EC2
ssh [IP-OF-PRIVATE-EC2]
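
Steps 3 and 4 as a script for the remote-client, as an added example that is not part of the original post: it starts an agent, loads only the Step 1 key with a lifetime, and confirms the key is loaded before running the `ssh -A` command shown above. The function names, the `KEY` path and the `BASTION_IP` variable are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Run on the remote-client.
# Usage (script name is hypothetical): BASTION_IP=<bastion address> sh agent.sh connect
# Assumption: KEY is the private key file that ssh-keygen wrote in Step 1.
KEY="${KEY:-$HOME/.ssh/id_ed25519}"

# Step 3: start an agent for this shell and load only the Step 1 key.
# The lifetime (seconds) limits how long the key stays usable: while a
# forwarded session is open, a user on the bastion who can reach the agent
# socket (root, for example) can ask the agent to sign with this key.
load_agent() {
  eval "$(ssh-agent -s)" >/dev/null || return 1
  ssh-add -q -t "${2:-3600}" "$1"
}

# True only if the running agent holds the key whose public half is $1.pub.
agent_has_key() {
  _fp=$(ssh-keygen -lf "$1.pub" 2>/dev/null | awk '{print $2}')
  [ -n "$_fp" ] && ssh-add -l 2>/dev/null | awk '{print $2}' | grep -qxF "$_fp"
}

# Kill the agent and unset SSH_AUTH_SOCK / SSH_AGENT_PID when finished.
stop_agent() {
  eval "$(ssh-agent -k)" >/dev/null
}

# Step 4: connect with forwarding only after confirming the key is loaded.
if [ "${1:-}" = "connect" ]; then
  load_agent "$KEY" 3600 && agent_has_key "$KEY" || { echo "key not loaded" >&2; exit 1; }
  ssh -A "${BASTION_IP:?set BASTION_IP to the bastion address}"
  stop_agent
fi
```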


How to Record SSH Sessions Established Through a Bastion Host

Official documentation

